Inoffensive Pentest Showcase

It is difficult to think and act like a hacker when you are not accustomed to doing so. Most malicious exploits have their roots in a simple, easily identifiable misconfiguration of your PC. Once downloaded, the malware (mostly a Trojan) targets the most common vulnerabilities. It goes after these ‘low hanging fruits’ and once they’re identified, hackers start to exploit them. This is often the beginning of a stealthy APT—an Advanced Persistent Threat—which often eventually leads to all kinds of theft.

LUCY allows you to run such malware simulations on your own. Because the LUCY malware testing suite is easy to configure, you can prepare a campaign containing a malware simulation without difficulty. Choose from more than 40 checks including whether the outlook messages are accessible, whether the webcam can be switched on and which antivirus tool is installed, just to name a few.

The malware testing suite allows you to act as your own penetration tester and to run a technology assessment on your IT infrastructure based on best practices from our IT-security specialists. For more details please refer to this section of our LUCY Wiki.

Penetration testers can benefit by instantly setting up their own penetration test environment, regardless of the goal they want to achieve, whether it is preparing a social engineering campaign for a customer, running a fake phishing attack with simulated malware, quickly checking the most common vulnerabilities on the customer side, simulating a web drive-by attack (external Blog) or just pitching for a penetration test deal.